|
|
Subscribe / Log in / New account

kernel: information leak, denial of service

Package(s):linux-2.6 CVE #(s):CVE-2007-6206 CVE-2007-6417
Created:December 21, 2007 Updated:September 1, 2010
Description: Blake Frantz discovered that when a core file owned by a non-root user exists, and a root-owned process dumps core over it, the core file retains its original ownership. This could be used by a local user to gain access to sensitive information. (CVE-2007-6206)

Hugh Dickins discovered an issue in the tmpfs filesystem where, under a rare circumstance, a kernel page maybe improperly cleared, leaking sensitive kernel memory to userspace or resulting in a DoS (crash). (CVE-2007-6417)

Alerts:
SUSE SUSE-SA:2010:036 kernel 2010-09-01
Red Hat RHSA-2008:0787-01 kernel 2009-01-05
Red Hat RHSA-2009:0001-01 kernel 2009-01-08
CentOS CESA-2008:0885 kernel 2008-09-25
Red Hat RHSA-2008:0885-01 kernel 2008-09-24
SuSE SUSE-SA:2008:032 kernel 2008-07-07
SuSE SUSE-SA:2008:030 kernel 2008-06-20
Mandriva MDVSA-2008:112 kernel 2007-06-12
CentOS CESA-2008:0211 kernel 2008-05-07
Red Hat RHSA-2008:0211-01 kernel 2008-05-07
Mandriva MDVSA-2008:086 kernel 2008-04-15
Debian DSA-1503-2 kernel-source-2.4.27 2008-03-06
Debian DSA-1504 kernel-source-2.6.8 2008-02-22
Debian DSA-1503 kernel-source-2.4.27 2008-02-22
Ubuntu USN-578-1 linux-source-2.6.15 2008-02-14
SuSE SUSE-SA:2008:007 kernel 2008-02-12
Mandriva MDVSA-2008:044 kernel 2008-02-12
rPath rPSA-2008-0048-1 kernel 2008-02-08
SuSE SUSE-SA:2008:006 kernel 2008-02-07
Ubuntu USN-574-1 linux-source-2.6.17/20/22 2008-02-04
Red Hat RHSA-2008:0055-01 kernel 2008-01-31
Red Hat RHSA-2008:0089-01 kernel 2008-01-23
Debian DSA-1436-1 linux-2.6 2007-12-20
to post comments


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds